From 508deb59f881236ef37872f9bd311690d6f5a52f Mon Sep 17 00:00:00 2001 From: markm Date: Sat, 8 Mar 2003 12:55:48 +0000 Subject: KerberosIV deorbit sequence: Re-entry. Thank you, faithful friend. Enjoy your retirement in ports. --- crypto/kerberosIV/man/rlogind.8 | 178 ---------------------------------------- 1 file changed, 178 deletions(-) delete mode 100644 crypto/kerberosIV/man/rlogind.8 (limited to 'crypto/kerberosIV/man/rlogind.8') diff --git a/crypto/kerberosIV/man/rlogind.8 b/crypto/kerberosIV/man/rlogind.8 deleted file mode 100644 index bc99529..0000000 --- a/crypto/kerberosIV/man/rlogind.8 +++ /dev/null @@ -1,178 +0,0 @@ -.\" Copyright (c) 1983, 1989, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)rlogind.8 8.1 (Berkeley) 6/4/93 -.\" -.Dd August 25, 1996 -.Dt RLOGIND 8 -.Os BSD 4.2 -.Sh NAME -.Nm rlogind -.Nd remote login server -.Sh SYNOPSIS -.Nm rlogind -.Op Fl ailnkvxD -.Op Fl p Ar portnumber -.Op Fl L Ar /bin/login -.Sh DESCRIPTION -.Nm Rlogind -is the server for the -.Xr rlogin 1 -program. The server provides a remote login facility with -kerberos-based authentication or traditional pseudo-authentication with -privileged port numbers from trusted hosts. -.Pp -Options supported by -.Nm rlogind : -.Bl -tag -width Ds -.It Fl a -No-op. For backwards compatibility. Hostnames are always verified. -.It Fl l -Prevent any authentication based on the user's -.Dq Pa .rhosts -file, unless the user is logging in as the superuser. -.It Fl n -Disable keep-alive messages. -.It Fl k -Enable kerberos authentication. -.It Fl i -Do not expect to be spawned by inetd and create a socket and listen on -it yourself. -.It Fl p portnumber -Specifies the port number it should listen on in case the -.It Fl i -flag has been given. -.It Fl v -Vacuous, echo "Remote host requires Kerberos authentication" and exit. -.It Fl x -Provides an encrypted communications channel. This options requires the -.Fl k -flag. -.It Fl L pathname -Specify pathname to an alternative login program. -.It Fl D -Use the TCP nodelay option (see setsockopt(2)). -.El -.Pp -When a service request is received, -.Nm rlogind -verifies the kerberos ticket supplied by the user. -.Pp -For non-kerberised connections, the following protocol is initiated: -.Bl -enum -.It -The server checks the client's source port. -If the port is not in the range 512-1023, the server -aborts the connection. -.It -The server checks the client's source address -and requests the corresponding host name (see -.Xr gethostbyaddr 3 , -.Xr hosts 5 -and -.Xr named 8 ) . -If the hostname cannot be determined, -the dot-notation representation of the host address is used. -The addresses for the hostname are requested, -verifying that the name and address correspond. -Normal authentication is bypassed if the address verification fails. -.El -.Pp -Once the source port and address have been checked, -.Nm rlogind -proceeds with the authentication process described in -.Xr rshd 8 . -.Pp -It then allocates a pseudo terminal (see -.Xr pty 4 ) , -and manipulates file descriptors so that the slave -half of the pseudo terminal becomes the -.Em stdin , -.Em stdout , -and -.Em stderr -for a login process. -The login process is an instance of the -.Xr login 1 -program, invoked with the -.Fl f -option if authentication has succeeded. -If automatic authentication fails, the user is -prompted to log in as if on a standard terminal line. -.Pp -The parent of the login process manipulates the master side of -the pseudo terminal, operating as an intermediary -between the login process and the client instance of the -.Xr rlogin -program. In normal operation, the packet protocol described -in -.Xr pty 4 -is invoked to provide -.Ql ^S/^Q -type facilities and propagate -interrupt signals to the remote programs. The login process -propagates the client terminal's baud rate and terminal type, -as found in the environment variable, -.Ql Ev TERM ; -see -.Xr environ 7 . -The screen or window size of the terminal is requested from the client, -and window size changes from the client are propagated to the pseudo terminal. -.Pp -Transport-level keepalive messages are enabled unless the -.Fl n -option is present. -The use of keepalive messages allows sessions to be timed out -if the client crashes or becomes unreachable. -.Sh DIAGNOSTICS -All initial diagnostic messages are indicated -by a leading byte with a value of 1, -after which any network connections are closed. -If there are no errors before -.Xr login -is invoked, a null byte is returned as in indication of success. -.Bl -tag -width Ds -.It Sy Try again. -A -.Xr fork -by the server failed. -.El -.Sh SEE ALSO -.Xr login 1 , -.Xr ruserok 3 , -.Xr rshd 8 -.Sh BUGS -A more extensible protocol should be used. -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . -- cgit v1.1